rms | 0c41e02ef1c8837307ffbfe5e3c97116808ced2214d34a5517ac732bc2c3baa7 | Triage

Submit
Reports

Overview

overview

Static

static

7

60ec502046...26.exe

windows7-x64

60ec502046...26.exe

windows10-2004-x64

Sharing

General

Target

60ec502046b8c0d787ad3b5e431c9126.exe
Size

16.4MB
Sample

240909-bxdrnavfqr
MD5

60ec502046b8c0d787ad3b5e431c9126
SHA1

125ca02f6f2e66c3ed1eeb10d78239af3e1c6fbd
SHA256

0c41e02ef1c8837307ffbfe5e3c97116808ced2214d34a5517ac732bc2c3baa7
SHA512

b2073538d267b31f9fabfa84160cccc2a308e83ee0d4d92881738fc5fd1765c53363ae32cf9c078daf95582328be33f7a8ce45f4e5af8685ea5919b721ed8fe5
SSDEEP

393216:afdWj7p4qc0/Elt1VBqqZGi/h3AxlcVtXzo:aFWfp4qc0w7VBqqRNVtXzo

Score

10^/10

rms discovery rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

60ec502046b8c0d787ad3b5e431c9126.exe

Resource

win7-20240708-en

rms discovery rat trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

60ec502046b8c0d787ad3b5e431c9126.exe

Resource

win10v2004-20240802-en

rms discovery rat trojan upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  60ec502046b8c0d787ad3b5e431c9126.exe
- Size
  
  16.4MB
- MD5
  
  60ec502046b8c0d787ad3b5e431c9126
- SHA1
  
  125ca02f6f2e66c3ed1eeb10d78239af3e1c6fbd
- SHA256
  
  0c41e02ef1c8837307ffbfe5e3c97116808ced2214d34a5517ac732bc2c3baa7
- SHA512
  
  b2073538d267b31f9fabfa84160cccc2a308e83ee0d4d92881738fc5fd1765c53363ae32cf9c078daf95582328be33f7a8ce45f4e5af8685ea5919b721ed8fe5
- SSDEEP
  
  393216:afdWj7p4qc0/Elt1VBqqZGi/h3AxlcVtXzo:aFWfp4qc0w7VBqqRNVtXzo
Score

10^/10

rms discovery rat trojan upx
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsdiscoveryrattrojanupx

behavioral2

rmsdiscoveryrattrojanupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.